summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_moa-sig/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/main')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java142
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java112
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java15
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java59
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java11
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java26
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java11
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java26
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java93
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java27
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java190
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java28
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java33
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java573
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java237
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java5
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java106
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java180
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java192
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml40
24 files changed, 1138 insertions, 1024 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
index a3243635..155bfadd 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
@@ -1,84 +1,90 @@
package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api;
import java.util.List;
-
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
public interface ISignatureVerificationService {
- /**
- * Verify a CAdES or CMS signature
- * <br><br>
- * <i>This method only validates the first CMS or CAdES signature if more than one signature exists</i>
- *
- * @param signature Enveloped CMS or CAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found
- * @throws MOASigServiceException on signatue-verification error
- */
- ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID)
- throws MOASigServiceException;
+ /**
+ * Verify a CAdES or CMS signature. <br>
+ * <br>
+ * <i>This method only validates the first CMS or CAdES signature if more than one signature
+ * exists</i>
+ *
+ * @param signature Enveloped CMS or CAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found
+ * @throws MoaSigServiceException on signatue-verification error
+ */
+ ICMSSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID)
+ throws MoaSigServiceException;
- /**
- * Verify a XML or XAdES signature
- * <br><br>
- * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
- * @throws MOASigServiceException on signatue-verification error
- */
- IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID)
- throws MOASigServiceException;
+ /**
+ * Verify a XML or XAdES signature. <br>
+ * <br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature
+ * exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MoaSigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID)
+ throws MoaSigServiceException;
- /**
- * Verify a XML or XAdES signature
- * <br><br>
- * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification
- * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
- * @throws MOASigServiceException on signatue-verification error
- */
- IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
- List<String> verifyTransformsInfoProfileID) throws MOASigServiceException;
+ /**
+ * Verify a XML or XAdES signature. <br>
+ * <br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature
+ * exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used
+ * for signature-verification
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MoaSigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
+ List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException;
- /**
- * Verify a XML or XAdES signature
- * <br><br>
- * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @param signatureLocationXpath Xpath that points to location of Signature element
- * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
- * @throws MOASigServiceException on signatue-verification error
- */
- IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
- String signatureLocationXpath) throws MOASigServiceException;
+ /**
+ * Verify a XML or XAdES signature. <br>
+ * <br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature
+ * exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param signatureLocationXpath Xpath that points to location of Signature element
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MoaSigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
+ String signatureLocationXpath) throws MoaSigServiceException;
- /**
- * Verify a XML or XAdES signature
- * <br><br>
- * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification
- * @param signatureLocationXpath Xpath that points to location of Signature element
- * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
- * @throws MOASigServiceException on signatue-verification error
- */
- IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
- List<String> verifyTransformsInfoProfileID,
- String signatureLocationXpath) throws MOASigServiceException;
+ /**
+ * Verify a XML or XAdES signature. <br>
+ * <br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature
+ * exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used
+ * for signature-verification
+ * @param signatureLocationXpath Xpath that points to location of Signature element
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MoaSigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
+ List<String> verifyTransformsInfoProfileID, String signatureLocationXpath)
+ throws MoaSigServiceException;
-} \ No newline at end of file
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
index 00d98c86..13a9b08f 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
@@ -5,65 +5,71 @@ import java.util.Date;
import org.springframework.lang.Nullable;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
public interface IGenericSignatureVerificationResponse {
- /**
- * Returns the signing time
- *
- * @return Signing time, or null if signature contains no time information
- */
- @Nullable
- Date getSigningDateTime();
-
- /**
- * Returns the signatureCheckCode.
- * @return int
- */
- int getSignatureCheckCode();
-
- /**
- * Returns the certificateCheckCode.
- * @return int
- */
- int getCertificateCheckCode();
+ /**
+ * Returns the signing time
+ *
+ * @return Signing time, or null if signature contains no time information
+ */
+ @Nullable
+ Date getSigningDateTime();
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- boolean isQualifiedCertificate();
+ /**
+ * Returns the signatureCheckCode.
+ *
+ * @return int
+ */
+ int getSignatureCheckCode();
- /**
- * Returns the X509 certificate.
- * @return X509Certificate, or null if no certificate information exists
- * @throws MOASigServiceException if X509 certificate can not be deserialized
- */
- @Nullable
- X509Certificate getX509Certificate() throws MOASigServiceException;
+ /**
+ * Returns the certificateCheckCode.
+ *
+ * @return int
+ */
+ int getCertificateCheckCode();
-
- /**
- * Returns the X509 certificate in serialized form
- *
- * @return Serialized X509 certificate, or null if no certificate information exists
- */
- @Nullable
- byte[] getX509CertificateEncoded();
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- boolean isPublicAuthority();
-
- /**
- * Returns the publicAuthorityCode.
- * @return String OID, or null if no OID exists
- */
- @Nullable
- String getPublicAuthorityCode();
+ /**
+ * Returns the qualifiedCertificate.
+ *
+ * @return boolean
+ */
+ boolean isQualifiedCertificate();
+
+ /**
+ * Returns the X509 certificate.
+ *
+ * @return X509Certificate, or null if no certificate information exists
+ * @throws MoaSigServiceException if X509 certificate can not be deserialized
+ */
+ @Nullable
+ X509Certificate getX509Certificate() throws MoaSigServiceException;
+
+
+ /**
+ * Returns the X509 certificate in serialized form
+ *
+ * @return Serialized X509 certificate, or null if no certificate information exists
+ */
+ @Nullable
+ byte[] getX509CertificateEncoded();
+
+ /**
+ * Returns the publicAuthority.
+ *
+ * @return boolean
+ */
+ boolean isPublicAuthority();
+
+ /**
+ * Returns the publicAuthorityCode.
+ *
+ * @return String OID, or null if no OID exists
+ */
+ @Nullable
+ String getPublicAuthorityCode();
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
index 9548d96b..9bd5791f 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
@@ -5,16 +5,17 @@ import java.util.Map;
/**
* Inject additional XML schemes into MOA-Sig
- *
+ *
* @author tlenz
*
*/
public interface ISchemaRessourceProvider {
- /**
- * Get a Map of additional XML schemes that should be injected into MOA-Sig
- *
- * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as {@link InputStream}
- */
- public Map<String, InputStream> getSchemas();
+ /**
+ * Get a Map of additional XML schemes that should be injected into MOA-Sig
+ *
+ * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as
+ * {@link InputStream}
+ */
+ public Map<String, InputStream> getSchemas();
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
index 3e86fb63..6273bb9e 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
@@ -7,31 +7,34 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
public interface IXMLSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
- /**
- * Returns the xmlDSIGManifestCheckCode.
- * @return int
- */
- int getXmlDSIGManifestCheckCode();
-
- /**
- * Returns the xmlDsigSubjectName.
- * @return String
- */
- String getXmlDsigSubjectName();
-
-
- /**
- * Returns the xmlDSIGManigest.
- * @return boolean
- */
- boolean isXmlDSIGManigest();
-
-
- /**
- * Returns the the resulting code of the signature manifest check.
- *
- * @return The code of the sigature manifest check.
- */
- int getSignatureManifestCheckCode();
-
-} \ No newline at end of file
+ /**
+ * Returns the xmlDSIGManifestCheckCode.
+ *
+ * @return int
+ */
+ int getXmlDSIGManifestCheckCode();
+
+ /**
+ * Returns the xmlDsigSubjectName.
+ *
+ * @return String
+ */
+ String getXmlDsigSubjectName();
+
+
+ /**
+ * Returns the xmlDSIGManigest.
+ *
+ * @return boolean
+ */
+ boolean isXmlDSIGManigest();
+
+
+ /**
+ * Returns the the resulting code of the signature manifest check.
+ *
+ * @return The code of the sigature manifest check.
+ */
+ int getSignatureManifestCheckCode();
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
deleted file mode 100644
index ded3f900..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MOASigServiceBuilderException extends MOASigServiceException {
-
- private static final long serialVersionUID = 5178393157255309476L;
-
- public MOASigServiceBuilderException(String errorId, Object[] params) {
- super(errorId, params);
- }
-
- public MOASigServiceBuilderException(String errorId, Object[] params, Throwable e) {
- super(errorId, params, e);
- }
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
deleted file mode 100644
index f3c02fe1..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MOASigServiceConfigurationException extends MOASigServiceException {
-
- private static final long serialVersionUID = -4710795384615456488L;
-
- public MOASigServiceConfigurationException(String errorId, Object[] params, Throwable e) {
- super(errorId, params, e);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
deleted file mode 100644
index 243b4b1d..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-import at.gv.egiz.eaaf.core.exceptions.EAAFServiceException;
-
-public class MOASigServiceException extends EAAFServiceException {
-
- private static final long serialVersionUID = -6088238428550563658L;
- private static final String MOA_SIG_SERVICE_ID = "MOA-SIG-VERIFY";
-
- public MOASigServiceException(String errorId, Object[] params) {
- super(errorId, params);
-
- }
-
- public MOASigServiceException(String errorId, Object[] params, Throwable e) {
- super(errorId, params, e);
-
- }
-
- @Override
- protected String getServiceIdentifier() {
- return MOA_SIG_SERVICE_ID;
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
deleted file mode 100644
index 63a51001..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MOASigServiceParserException extends MOASigServiceException {
-
- private static final long serialVersionUID = 5178393157255309476L;
-
- public MOASigServiceParserException(String errorId, Object[] params) {
- super(errorId, params);
- }
-
- public MOASigServiceParserException(String errorId, Object[] params, Throwable e) {
- super(errorId, params, e);
- }
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java
new file mode 100644
index 00000000..e32ab932
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MoaSigServiceBuilderException extends MoaSigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MoaSigServiceBuilderException(final String errorId, final Object[] params) {
+ super(errorId, params);
+ }
+
+ public MoaSigServiceBuilderException(final String errorId, final Object[] params, final Throwable e) {
+ super(errorId, params, e);
+ }
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java
new file mode 100644
index 00000000..fd5f8caf
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java
@@ -0,0 +1,11 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MoaSigServiceConfigurationException extends MoaSigServiceException {
+
+ private static final long serialVersionUID = -4710795384615456488L;
+
+ public MoaSigServiceConfigurationException(final String errorId, final Object[] params, final Throwable e) {
+ super(errorId, params, e);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java
new file mode 100644
index 00000000..a4fb6290
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java
@@ -0,0 +1,26 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafServiceException;
+
+public class MoaSigServiceException extends EaafServiceException {
+
+ private static final long serialVersionUID = -6088238428550563658L;
+ private static final String MOA_SIG_SERVICE_ID = "MOA-SIG-VERIFY";
+
+ public MoaSigServiceException(final String errorId, final Object[] params) {
+ super(errorId, params);
+
+ }
+
+ public MoaSigServiceException(final String errorId, final Object[] params, final Throwable e) {
+ super(errorId, params, e);
+
+ }
+
+ @Override
+ protected String getServiceIdentifier() {
+ return MOA_SIG_SERVICE_ID;
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java
new file mode 100644
index 00000000..a47b45e0
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MoaSigServiceParserException extends MoaSigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MoaSigServiceParserException(final String errorId, final Object[] params) {
+ super(errorId, params);
+ }
+
+ public MoaSigServiceParserException(final String errorId, final Object[] params, final Throwable e) {
+ super(errorId, params, e);
+ }
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
index 7e65cec7..cbf80c39 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
@@ -6,72 +6,71 @@ import javax.xml.parsers.ParserConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-import iaik.server.Configurator;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.w3c.dom.Document;
public abstract class AbstractSignatureService {
- private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
+ private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
+
+ @Autowired(required = true)
+ MoaSigInitializer moaSigConfig;
+
+ /**
+ * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because
+ * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
+ *
+ * @return {@link Document}
+ * @throws ParserConfigurationException In case of an error
+ */
+ protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
+ final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ return docBuilder.newDocument();
- @Autowired(required = true) MoaSigInitializer moaSigConfig;
-
- /**
- * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because
- * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
- *
- * @return {@link Document}
- * @throws ParserConfigurationException
- */
- protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
- final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- return docBuilder.newDocument();
+ }
- }
+ /**
+ * Set up the thread-local context information needed for calling the various <code>Invoker</code>
+ * classes.
+ *
+ * @throws ConfigurationException An error occurred setting up the configuration in the
+ * <code>TransactionContext</code>.
+ */
+ protected final void setUpContexts(final String transactionID) throws ConfigurationException {
+ final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ final LoggingContextManager logMgr = LoggingContextManager.getInstance();
- /**
- * Set up the thread-local context information needed for calling the various
- * <code>Invoker</code> classes.
- *
- * @throws ConfigurationException An error occurred setting up the
- * configuration in the <code>TransactionContext</code>.
- */
- protected final void setUpContexts( String transactionID) throws ConfigurationException {
- final TransactionContextManager txMgr = TransactionContextManager.getInstance();
- final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+ if (txMgr.getTransactionContext() == null) {
+ log.debug("Set not MOA-Sig transaction context");
+ final TransactionContext ctx =
+ new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
+ txMgr.setTransactionContext(ctx);
- if (txMgr.getTransactionContext() == null) {
- log.debug("Set not MOA-Sig transaction context");
- final TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
- txMgr.setTransactionContext(ctx);
+ }
- }
+ if (logMgr.getLoggingContext() == null) {
+ final LoggingContext ctx = new LoggingContext(transactionID);
+ logMgr.setLoggingContext(ctx);
- if (logMgr.getLoggingContext() == null) {
- final LoggingContext ctx = new LoggingContext(transactionID);
- logMgr.setLoggingContext(ctx);
+ }
- }
-
- new IaikConfigurator().configure(ConfigurationProvider.getInstance());
+ new IaikConfigurator().configure(ConfigurationProvider.getInstance());
- }
+ }
- /**
- * Tear down thread-local context information.
- */
- protected void tearDownContexts() {
- TransactionContextManager.getInstance().setTransactionContext(null);
- LoggingContextManager.getInstance().setLoggingContext(null);
- log.debug("Closing MOA-Sig transaction context");
+ /**
+ * Tear down thread-local context information.
+ */
+ protected void tearDownContexts() {
+ TransactionContextManager.getInstance().setTransactionContext(null);
+ LoggingContextManager.getInstance().setLoggingContext(null);
+ log.debug("Closing MOA-Sig transaction context");
- }
+ }
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
deleted file mode 100644
index ecda7eb1..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
-
-import at.gv.egiz.components.spring.api.SpringResourceProvider;
-
-public class MOASigSpringResourceProvider implements SpringResourceProvider {
-
- @Override
- public Resource[] getResourcesToLoad() {
- ClassPathResource moaSigConfig = new ClassPathResource("/moa-sig-service.beans.xml", MOASigSpringResourceProvider.class);
- return new Resource[] {moaSigConfig};
- }
-
- @Override
- public String[] getPackagesToScan() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getName() {
- return "Signature-verification service based on MOA-Sig (MOA-SPSS)";
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
index 1628b71a..f0ee4612 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
@@ -6,11 +6,10 @@ import java.security.Provider;
import java.security.Security;
import java.util.Iterator;
import java.util.Map.Entry;
-
import javax.annotation.Nonnull;
import javax.annotation.PostConstruct;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.Configurator;
import at.gv.egovernment.moaspss.logging.LoggingContext;
@@ -24,103 +23,108 @@ import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;
public class MoaSigInitializer {
- private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);
-
- @Autowired(required=false) ISchemaRessourceProvider[] schemas;
-
- private Configurator moaSigConfigurator;
-
-
- /**
- * Get MOA-Sig configuration object
- *
- * @return moa-sig configuration
- */
- @Nonnull
- public Configurator getMoaSigConfigurator() {
- return moaSigConfigurator;
-
- }
-
- @PostConstruct
- private synchronized void initialize() throws MOASigServiceConfigurationException {
- log.info("Initializing MOA-Sig signature-verification service ... ");
-
- log.info("Loading Java security providers.");
- IAIK.addAsProvider();
- ECCelerate.addAsProvider();
-
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- log.debug("MOA-Sig library initialization process ... ");
- Configurator.getInstance().init();
- log.info("MOA-Sig library initialization complete ");
-
- Security.insertProviderAt(IAIK.getInstance(), 0);
-
- final ECCelerate eccProvider = ECCelerate.getInstance();
- if (Security.getProvider(eccProvider.getName()) != null)
- Security.removeProvider(eccProvider.getName());
- Security.addProvider(new ECCelerate());
-
- fixJava8_141ProblemWithSSLAlgorithms();
-
- if (log.isDebugEnabled()) {
- log.debug("Loaded Security Provider:");
- final Provider[] providerList = Security.getProviders();
- for (int i=0; i<providerList.length; i++)
- log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
+ private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);
- }
+ @Autowired(required = false)
+ ISchemaRessourceProvider[] schemas;
+
+ private Configurator moaSigConfigurator;
+
+
+ /**
+ * Get MOA-Sig configuration object.
+ *
+ * @return moa-sig configuration
+ */
+ @Nonnull
+ public Configurator getMoaSigConfigurator() {
+ return moaSigConfigurator;
+
+ }
+
+ @PostConstruct
+ private synchronized void initialize() throws MoaSigServiceConfigurationException {
+ log.info("Initializing MOA-Sig signature-verification service ... ");
+
+ log.info("Loading Java security providers.");
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+
+ try {
+ LoggingContextManager.getInstance().setLoggingContext(new LoggingContext("startup"));
+ log.debug("MOA-Sig library initialization process ... ");
+ Configurator.getInstance().init();
+ log.info("MOA-Sig library initialization complete ");
+
+ Security.insertProviderAt(IAIK.getInstance(), 0);
+ final ECCelerate eccProvider = ECCelerate.getInstance();
+ if (Security.getProvider(eccProvider.getName()) != null) {
+ Security.removeProvider(eccProvider.getName());
+ }
+ Security.addProvider(new ECCelerate());
- //Inject additional XML schemes
- if (schemas != null && schemas.length > 0) {
- log.debug("Infjecting additional XML schemes ... ");
- for (final ISchemaRessourceProvider el : schemas) {
- final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
- while (xmlSchemeIt.hasNext()) {
- final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
- try {
- DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
- log.info("Inject XML scheme: {}", xmlDef.getKey());
+ fixJava8_141ProblemWithSslAlgorithms();
- } catch (final IOException e) {
- log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
+ if (log.isDebugEnabled()) {
+ log.debug("Loaded Security Provider:");
+ final Provider[] providerList = Security.getProviders();
+ for (int i = 0; i < providerList.length; i++) {
+ log.debug(
+ i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
+ }
- }
+ }
+
+
+ // Inject additional XML schemes
+ if (schemas != null && schemas.length > 0) {
+ log.debug("Infjecting additional XML schemes ... ");
+ for (final ISchemaRessourceProvider el : schemas) {
+ final Iterator<Entry<String, InputStream>> xmlSchemeIt =
+ el.getSchemas().entrySet().iterator();
+ while (xmlSchemeIt.hasNext()) {
+ final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
+ try {
+ DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
+ log.info("Inject XML scheme: {}", xmlDef.getKey());
+
+ } catch (final IOException e) {
+ log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
- }
- }
}
-
- moaSigConfigurator = Configurator.getInstance();
-
-
- } catch (final MOAException e) {
- log.error("MOA-SP initialization FAILED!", e.getWrapped());
- throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
- .toString() }, e);
- }
-
-
- }
-
- private static void fixJava8_141ProblemWithSSLAlgorithms() {
- log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
- //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
- new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
- new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
- new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
- new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
- new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
-
- log.info("Change AlgorithmIDs finished");
+
+ }
+ }
+ }
+
+ moaSigConfigurator = Configurator.getInstance();
+
+
+ } catch (final MOAException e) {
+ log.error("MOA-SP initialization FAILED!", e.getWrapped());
+ throw new MoaSigServiceConfigurationException("service.moasig.04",
+ new Object[] {e.toString()}, e);
}
+
+
+ }
+
+ private static void fixJava8_141ProblemWithSslAlgorithms() {
+ log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA",
+ // "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] {"SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA",}, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] {"SHA224withRSA", "SHA224/RSA", "SHA-224/RSA",}, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] {"SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",}, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] {"SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",}, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] {"SHA512withRSA", "SHA512/RSA", "SHA-512/RSA"}, null, true);
+
+ log.info("Change AlgorithmIDs finished");
+ }
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java
new file mode 100644
index 00000000..c8275264
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java
@@ -0,0 +1,28 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class MoaSigSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ final ClassPathResource moaSigConfig =
+ new ClassPathResource("/moa-sig-service.beans.xml", MoaSigSpringResourceProvider.class);
+ return new Resource[] {moaSigConfig};
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return "Signature-verification service based on MOA-Sig (MOA-SPSS)";
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
index 59e7b516..5cb001ef 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
@@ -10,21 +10,22 @@ import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureCreatio
import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
-@Service(value="moaSigCreateService")
-public class SignatureCreationService extends AbstractSignatureService implements ISignatureCreationService{
- private static final Logger log = LoggerFactory.getLogger(SignatureCreationService.class);
-
- private XMLSignatureCreationInvoker xadesInvoker;
- private CMSSignatureCreationInvoker cadesInvoker;
-
-
- @PostConstruct
- protected void internalInitializer() {
- log.debug("Instanzing SignatureCreationService implementation ... ");
- xadesInvoker = XMLSignatureCreationInvoker.getInstance();
- cadesInvoker = CMSSignatureCreationInvoker.getInstance();
- log.info("MOA-Sig signature-creation service initialized");
-
- }
+@Service(value = "moaSigCreateService")
+public class SignatureCreationService extends AbstractSignatureService
+ implements ISignatureCreationService {
+ private static final Logger log = LoggerFactory.getLogger(SignatureCreationService.class);
+
+ private XMLSignatureCreationInvoker xadesInvoker;
+ private CMSSignatureCreationInvoker cadesInvoker;
+
+
+ @PostConstruct
+ protected void internalInitializer() {
+ log.debug("Instanzing SignatureCreationService implementation ... ");
+ xadesInvoker = XMLSignatureCreationInvoker.getInstance();
+ cadesInvoker = CMSSignatureCreationInvoker.getInstance();
+ log.info("MOA-Sig signature-creation service initialized");
+
+ }
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index f610e59e..3dbda391 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -7,9 +7,9 @@ import javax.annotation.PostConstruct;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceBuilderException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXMLSignatureResponseParser;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceBuilderException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
@@ -33,270 +33,321 @@ import org.w3c.dom.Node;
/**
+ * MOA-Sig based signature verification implementation.
+ *
* @author tlenz
*
*/
-@Service(value="moaSigVerifyService")
-public class SignatureVerificationService extends AbstractSignatureService implements ISignatureVerificationService {
- private static final Logger log = LoggerFactory.getLogger(SignatureVerificationService.class);
-
- private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
- private static final String MOA_NS_URI = Constants.MOA_NS_URI;
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
-
- private CMSSignatureVerificationInvoker cadesInvoker;
- private XMLSignatureVerificationInvoker xadesInvocer;
-
- /* (non-Javadoc)
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyCMSSignature(byte[], java.lang.String)
- */
- @Override
- @Nullable
- public ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
- try {
- //setup context
- setUpContexts(Thread.currentThread().getName());
-
- //verify signature
- final VerifyCMSSignatureRequest cmsSigVerifyReq = buildVerfifyCMSRequest(signature, trustProfileID, false, false);
- final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature(cmsSigVerifyReq );
- return parseCMSVerificationResult(cmsSigVerifyResp);
-
- } catch (final MOAException e) {
- log.warn("CMS signature verification has an error.", e);
- throw new MOASigServiceException("service.03", new Object[] { e.toString()}, e);
-
- } catch (final CertificateEncodingException e) {
- log.warn("Can NOT serialize X509 certificate from CMS/CAdES signature-verification response", e);
- throw new MOASigServiceException("service.03", new Object[] { e.toString()}, e);
-
- } finally {
- tearDownContexts();
+@Service(value = "moaSigVerifyService")
+public class SignatureVerificationService extends AbstractSignatureService
+ implements ISignatureVerificationService {
+ private static final Logger log = LoggerFactory.getLogger(SignatureVerificationService.class);
+
+ private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
+
+ private CMSSignatureVerificationInvoker cadesInvoker;
+ private XMLSignatureVerificationInvoker xadesInvocer;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#
+ * verifyCMSSignature(byte[], java.lang.String)
+ */
+ @Override
+ @Nullable
+ public ICMSSignatureVerificationResponse verifyCmsSignature(final byte[] signature,
+ final String trustProfileID) throws MoaSigServiceException {
+ try {
+ // setup context
+ setUpContexts(Thread.currentThread().getName());
+
+ // verify signature
+ final VerifyCMSSignatureRequest cmsSigVerifyReq =
+ buildVerfifyCmsRequest(signature, trustProfileID, false, false);
+ final VerifyCMSSignatureResponse cmsSigVerifyResp =
+ cadesInvoker.verifyCMSSignature(cmsSigVerifyReq);
+ return parseCmsVerificationResult(cmsSigVerifyResp);
+
+ } catch (final MOAException e) {
+ log.warn("CMS signature verification has an error.", e);
+ throw new MoaSigServiceException("service.03", new Object[] {e.toString()}, e);
+
+ } catch (final CertificateEncodingException e) {
+ log.warn("Can NOT serialize X509 certificate from CMS/CAdES signature-verification response",
+ e);
+ throw new MoaSigServiceException("service.03", new Object[] {e.toString()}, e);
+
+ } finally {
+ tearDownContexts();
+
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#
+ * verifyXMLSignature(byte[], java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
+ final String trustProfileID) throws MoaSigServiceException {
+ return verifyXmlSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION);
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#
+ * verifyXMLSignature(byte[], java.lang.String, java.util.List)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
+ final String trustProfileID, final List<String> verifyTransformsInfoProfileID)
+ throws MoaSigServiceException {
+ return verifyXmlSignature(signature, trustProfileID, verifyTransformsInfoProfileID,
+ DEFAULT_XPATH_SIGNATURE_LOCATION);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#
+ * verifyXMLSignature(byte[], java.lang.String, java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
+ final String trustProfileID, final String signatureLocationXpath)
+ throws MoaSigServiceException {
+ return verifyXmlSignature(signature, trustProfileID, null, signatureLocationXpath);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#
+ * verifyXMLSignature(byte[], java.lang.String, java.util.List, java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
+ final String trustProfileID, final List<String> verifyTransformsInfoProfileID,
+ final String xpathSignatureLocation) throws MoaSigServiceException {
+ try {
+ // setup context
+ setUpContexts(Thread.currentThread().getName());
+
+ // build signature-verification request
+ final Element domVerifyXmlSignatureRequest = buildVerifyXmlRequest(signature, trustProfileID,
+ verifyTransformsInfoProfileID, xpathSignatureLocation);
+
+ // send signature-verification to MOA-Sig
+ final VerifyXMLSignatureRequest vsrequest =
+ new VerifyXMLSignatureRequestParser().parse(domVerifyXmlSignatureRequest);
+ final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
+ final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
+
+ // parses the <IXMLSignatureVerificationResponse>
+ final IXMLSignatureVerificationResponse verifyXmlSignatureResponse =
+ new VerifyXmlSignatureResponseParser(result.getDocumentElement()).parseData();
+
+ return verifyXmlSignatureResponse;
+
+ } catch (final MoaSigServiceException e) {
+ throw e;
+
+ } catch (final MOAException e) {
+ log.warn("MOA-Sig signature-verification has an internal error." + " MsgCode: "
+ + e.getMessageId() + " Msg: " + e.getMessage(), e);
+ throw new MoaSigServiceException("service.moasig.03", new Object[] {e.getMessage()}, e);
+
+ } finally {
+ tearDownContexts();
+
+ }
+ }
+
+ private ICMSSignatureVerificationResponse parseCmsVerificationResult(
+ final VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
+
+ if (cmsSigVerifyResp.getResponseElements() == null
+ || cmsSigVerifyResp.getResponseElements().isEmpty()) {
+ log.info("No CMS signature FOUND. ");
+ return null;
+
+ }
+
+ if (cmsSigVerifyResp.getResponseElements().size() > 1) {
+ log.warn(
+ "CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
+ }
+
+ final VerifyCMSSignatureResponseElement firstSig =
+ (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
+
+ final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result =
+ new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
+
+ // parse results into response container
+ result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
+ result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
+
+ if (firstSig.getSignerInfo() != null) {
+ result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
+ result
+ .setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
+ result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
+
+ result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
+ result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
+
+ } else {
+ log.info("CMS or CAdES verification result contains no SignerInfo");
+ }
+
+ return result;
+ }
+
+ /**
+ * Build a VerifyCMS-Siganture request for MOA-Sig. <br>
+ * <br>
+ * This builder only generates verification-request for enveloped CMS or CAdES signatures <br>
+ * This
+ *
+ * @param signature CMS or CAdES signature
+ * @param trustProfileID trustProfileID MOA-Sig Trust-Profile
+ * @param isPdfSignature Make CAdES signature as part of an PAdES document
+ * @param performExtendedValidation To extended validation. See MOA-Sig documentation for detailed
+ * information
+ * @return
+ */
+ private VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature,
+ final String trustProfileID, final boolean isPdfSignature,
+ final boolean performExtendedValidation) {
+ final VerifyCMSSignatureRequestImpl verifyCmsSignatureRequest =
+ new VerifyCMSSignatureRequestImpl();
+ verifyCmsSignatureRequest.setDateTime(null);
+ verifyCmsSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature));
+ verifyCmsSignatureRequest.setDataObject(null);
+ verifyCmsSignatureRequest.setTrustProfileId(trustProfileID);
+ verifyCmsSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES);
+ verifyCmsSignatureRequest.setPDF(isPdfSignature);
+ verifyCmsSignatureRequest.setExtended(performExtendedValidation);
+ return verifyCmsSignatureRequest;
+
+ }
+
+ /**
+ * Build a VerifyXML-Signature request for MOA-Sig.
+ *
+ * @param signature Serialized XML signature
+ * @param trustProfileID MOA-Sig Trust-Profile
+ * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for
+ * validation
+ * @param xpathSignatureLocation Xpath that points to location of Signature element
+ * @return MOA-Sig verification request element
+ * @throws MoaSigServiceBuilderException In case of an error
+ */
+ private Element buildVerifyXmlRequest(final byte[] signature, final String trustProfileID,
+ final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation)
+ throws MoaSigServiceBuilderException {
+ try {
+ // build empty document
+ final Document requestDoc_ = getNewDocumentBuilder();
+ final Element requestElem_ =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX,
+ Constants.DSIG_NS_URI);
+ requestDoc_.appendChild(requestElem_);
+
+
+ // build the request
+ final Element verifiySignatureInfoElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
+ requestElem_.appendChild(verifiySignatureInfoElem);
+ final Element verifySignatureEnvironmentElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
+ verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
+ final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ verifySignatureEnvironmentElem.appendChild(base64ContentElem);
+
+ // insert the base64 encoded signature
+ String base64EncodedAssertion = Base64Utils.encodeToString(signature);
+ // replace all '\r' characters by no char.
+ final StringBuffer replaced = new StringBuffer();
+ for (int i = 0; i < base64EncodedAssertion.length(); i++) {
+ final char c = base64EncodedAssertion.charAt(i);
+ if (c != '\r') {
+ replaced.append(c);
+ }
+ }
+ base64EncodedAssertion = replaced.toString();
+ final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
+ base64ContentElem.appendChild(base64Content);
+
+ // specify the signature location
+ final Element verifySignatureLocationElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
+ verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
+ final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
+ verifySignatureLocationElem.appendChild(signatureLocation);
+
+ // signature manifest params
+ if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
+ final Element signatureManifestCheckParamsElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
+ requestElem_.appendChild(signatureManifestCheckParamsElem);
+ signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
+
+ // verify transformations
+ final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
+ signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
+ for (final String element : verifyTransformsInfoProfileID) {
+ final Element verifyTransformsInfoProfileIdElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
+ referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem);
+ verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element));
}
+ }
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String)
- */
- @Override
- public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
- return verifyXMLSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List)
- */
- @Override
- public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceException {
- return verifyXMLSignature(signature, trustProfileID, verifyTransformsInfoProfileID, DEFAULT_XPATH_SIGNATURE_LOCATION);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.lang.String)
- */
- @Override
- public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, String signatureLocationXpath) throws MOASigServiceException {
- return verifyXMLSignature(signature, trustProfileID, null, signatureLocationXpath);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List, java.lang.String)
- */
- @Override
- public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceException {
- try {
- //setup context
- setUpContexts(Thread.currentThread().getName());
-
- //build signature-verification request
- final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation);
-
- //send signature-verification to MOA-Sig
- final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);
- final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
- final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
-
- // parses the <IXMLSignatureVerificationResponse>
- final IXMLSignatureVerificationResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(result.getDocumentElement()).parseData();
-
- return verifyXMLSignatureResponse;
-
- } catch (final MOASigServiceException e) {
- throw e;
-
- } catch (final MOAException e) {
- log.warn("MOA-Sig signature-verification has an internal error."
- + " MsgCode: " + e.getMessageId()
- + " Msg: " + e.getMessage(),
- e);
- throw new MOASigServiceException("service.moasig.03", new Object[]{e.getMessage()}, e);
-
- } finally {
- tearDownContexts();
+ // hashinput data
+ final Element returnHashInputDataElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
+ requestElem_.appendChild(returnHashInputDataElem);
- }
- }
-
-private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
-
- if (cmsSigVerifyResp.getResponseElements() == null ||
- cmsSigVerifyResp.getResponseElements().isEmpty()) {
- log.info("No CMS signature FOUND. ");
- return null;
-
- }
-
- if (cmsSigVerifyResp.getResponseElements().size() > 1)
- log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
-
- final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
-
- final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result =
- new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
-
- //parse results into response container
- result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
- result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
-
- if (firstSig.getSignerInfo() != null) {
- result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
- result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
- result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
-
- result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
- result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
-
- } else
- log.info("CMS or CAdES verification result contains no SignerInfo");
-
- return result;
- }
-
- /**
- * Build a VerifyCMS-Siganture request for MOA-Sig.
- * <br><br>
- * This builder only generates verification-request for enveloped CMS or CAdES signatures
- * <br>
- * This
- *
- * @param signature CMS or CAdES signature
- * @param trustProfileID trustProfileID MOA-Sig Trust-Profile
- * @param isPdfSignature Make CAdES signature as part of an PAdES document
- * @param performExtendedValidation To extended validation. See MOA-Sig documentation for detailed information
- * @return
- */
- private VerifyCMSSignatureRequest buildVerfifyCMSRequest(byte[] signature, String trustProfileID,
- boolean isPdfSignature, boolean performExtendedValidation) {
- final VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest = new VerifyCMSSignatureRequestImpl();
- verifyCMSSignatureRequest.setDateTime(null);
- verifyCMSSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature));
- verifyCMSSignatureRequest.setDataObject(null);
- verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
- verifyCMSSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES);
- verifyCMSSignatureRequest.setPDF(isPdfSignature);
- verifyCMSSignatureRequest.setExtended(performExtendedValidation);
- return verifyCMSSignatureRequest;
-
- }
-
- /**
- * Build a VerifyXML-Signature request for MOA-Sig
- *
- * @param signature Serialized XML signature
- * @param trustProfileID MOA-Sig Trust-Profile
- * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for validation
- * @param xpathSignatureLocation Xpath that points to location of Signature element
- * @return
- * @throws MOASigServiceBuilderException
- */
- private Element buildVerifyXMLRequest(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceBuilderException {
- try {
- //build empty document
- final Document requestDoc_ = getNewDocumentBuilder();
- final Element requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
- requestDoc_.appendChild(requestElem_);
-
-
- // build the request
- final Element verifiySignatureInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- final Element verifySignatureEnvironmentElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
- final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
- verifySignatureEnvironmentElem.appendChild(base64ContentElem);
-
- // insert the base64 encoded signature
- String base64EncodedAssertion = Base64Utils.encodeToString(signature);
- //replace all '\r' characters by no char.
- final StringBuffer replaced = new StringBuffer();
- for (int i = 0; i < base64EncodedAssertion.length(); i ++) {
- final char c = base64EncodedAssertion.charAt(i);
- if (c != '\r') {
- replaced.append(c);
- }
- }
- base64EncodedAssertion = replaced.toString();
- final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
- base64ContentElem.appendChild(base64Content);
-
- // specify the signature location
- final Element verifySignatureLocationElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
- verifySignatureLocationElem.appendChild(signatureLocation);
-
- // signature manifest params
- if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
- final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
-
- //verify transformations
- final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
- signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
- for (final String element : verifyTransformsInfoProfileID) {
- final Element verifyTransformsInfoProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
- referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem);
- verifyTransformsInfoProfileIDElem.appendChild(requestDoc_.createTextNode(element));
-
- }
- }
-
- //hashinput data
- final Element returnHashInputDataElem = requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
-
- //add trustProfileID
- final Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
- trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIDElem);
-
- return requestElem_;
-
- } catch (final Throwable t) {
- log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t);
- throw new MOASigServiceBuilderException("service.moasig.03", new Object[] { t.getMessage() }, t);
-
- }
-
- }
-
-
-
- @PostConstruct
- protected void internalInitializer() {
- log.debug("Instanzing SignatureVerificationService implementation ... ");
- //svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
- cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
- xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
- log.info("MOA-Sig signature-verification service initialized");
-
- }
+ // add trustProfileID
+ final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
+ trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID));
+ requestElem_.appendChild(trustProfileIdElem);
+
+ return requestElem_;
+
+ } catch (final Throwable t) {
+ log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t);
+ throw new MoaSigServiceBuilderException("service.moasig.03", new Object[] {t.getMessage()},
+ t);
+
+ }
+
+ }
+
+
+
+ @PostConstruct
+ protected void internalInitializer() {
+ log.debug("Instanzing SignatureVerificationService implementation ... ");
+ // svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
+ cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
+ xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
+ log.info("MOA-Sig signature-verification service initialized");
+
+ }
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
index f3c724d8..701e2072 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
@@ -9,122 +9,125 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException;
-
-public class GenericSignatureVerificationResponse implements IGenericSignatureVerificationResponse, Serializable {
-
- private static final long serialVersionUID = -7751001050689401118L;
- private static final Logger log = LoggerFactory.getLogger(GenericSignatureVerificationResponse.class);
-
-
- /** The signing time */
- private Date signingDateTime;
-
- /** The signatureCheckCode to be stored */
- private int signatureCheckCode;
-
- /** The certificateCheckCode to be stored */
- private int certificateCheckCode;
-
- /** The publicAuthority to be stored */
- private boolean publicAuthority;
-
- /** The publicAuthorityCode to be stored */
- private String publicAuthorityCode;
-
- /** The qualifiedCertificate to be stored */
- private boolean qualifiedCertificate;
-
- private byte[] x509CertificateEncoded;
-
- @Override
- public Date getSigningDateTime() {
- return this.signingDateTime;
-
- }
-
- @Override
- public int getSignatureCheckCode() {
- return this.signatureCheckCode;
-
- }
-
- @Override
- public int getCertificateCheckCode() {
- return this.certificateCheckCode;
-
- }
-
- @Override
- public boolean isQualifiedCertificate() {
- return this.qualifiedCertificate;
-
- }
-
- @Override
- public X509Certificate getX509Certificate() throws MOASigServiceException {
- if (x509CertificateEncoded != null) {
- try {
- return new X509Certificate(x509CertificateEncoded);
-
- } catch (CertificateException e) {
- log.error("Can NOT parse X509 certifcate in " + GenericSignatureVerificationResponse.class.getName(), e);
- throw new MOASigServiceParserException("service.moasig.01", null, e);
- }
-
- }
-
- return null;
-
- }
-
- @Override
- public byte[] getX509CertificateEncoded() {
- return this.getX509CertificateEncoded();
-
- }
-
- @Override
- public boolean isPublicAuthority() {
- return this.publicAuthority;
-
- }
-
- @Override
- public String getPublicAuthorityCode() {
- return this.publicAuthorityCode;
-
- }
-
- public void setSigningDateTime(Date signingDateTime) {
- this.signingDateTime = signingDateTime;
- }
-
- public void setSignatureCheckCode(int signatureCheckCode) {
- this.signatureCheckCode = signatureCheckCode;
- }
-
- public void setCertificateCheckCode(int certificateCheckCode) {
- this.certificateCheckCode = certificateCheckCode;
- }
-
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
- public void setPublicAuthorityCode(String publicAuthorityCode) {
- this.publicAuthorityCode = publicAuthorityCode;
- }
-
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- public void setX509CertificateEncoded(byte[] x509CertificateEncoded) {
- this.x509CertificateEncoded = x509CertificateEncoded;
- }
-
-
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException;
+
+public class GenericSignatureVerificationResponse
+ implements IGenericSignatureVerificationResponse, Serializable {
+
+ private static final long serialVersionUID = -7751001050689401118L;
+ private static final Logger log =
+ LoggerFactory.getLogger(GenericSignatureVerificationResponse.class);
+
+
+ /** The signing time */
+ private Date signingDateTime;
+
+ /** The signatureCheckCode to be stored */
+ private int signatureCheckCode;
+
+ /** The certificateCheckCode to be stored */
+ private int certificateCheckCode;
+
+ /** The publicAuthority to be stored */
+ private boolean publicAuthority;
+
+ /** The publicAuthorityCode to be stored */
+ private String publicAuthorityCode;
+
+ /** The qualifiedCertificate to be stored */
+ private boolean qualifiedCertificate;
+
+ private byte[] x509CertificateEncoded;
+
+ @Override
+ public Date getSigningDateTime() {
+ return this.signingDateTime;
+
+ }
+
+ @Override
+ public int getSignatureCheckCode() {
+ return this.signatureCheckCode;
+
+ }
+
+ @Override
+ public int getCertificateCheckCode() {
+ return this.certificateCheckCode;
+
+ }
+
+ @Override
+ public boolean isQualifiedCertificate() {
+ return this.qualifiedCertificate;
+
+ }
+
+ @Override
+ public X509Certificate getX509Certificate() throws MoaSigServiceException {
+ if (x509CertificateEncoded != null) {
+ try {
+ return new X509Certificate(x509CertificateEncoded);
+
+ } catch (final CertificateException e) {
+ log.error("Can NOT parse X509 certifcate in "
+ + GenericSignatureVerificationResponse.class.getName(), e);
+ throw new MoaSigServiceParserException("service.moasig.01", null, e);
+ }
+
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public byte[] getX509CertificateEncoded() {
+ return this.getX509CertificateEncoded();
+
+ }
+
+ @Override
+ public boolean isPublicAuthority() {
+ return this.publicAuthority;
+
+ }
+
+ @Override
+ public String getPublicAuthorityCode() {
+ return this.publicAuthorityCode;
+
+ }
+
+ public void setSigningDateTime(final Date signingDateTime) {
+ this.signingDateTime = signingDateTime;
+ }
+
+ public void setSignatureCheckCode(final int signatureCheckCode) {
+ this.signatureCheckCode = signatureCheckCode;
+ }
+
+ public void setCertificateCheckCode(final int certificateCheckCode) {
+ this.certificateCheckCode = certificateCheckCode;
+ }
+
+ public void setPublicAuthority(final boolean publicAuthority) {
+ this.publicAuthority = publicAuthority;
+ }
+
+ public void setPublicAuthorityCode(final String publicAuthorityCode) {
+ this.publicAuthorityCode = publicAuthorityCode;
+ }
+
+ public void setQualifiedCertificate(final boolean qualifiedCertificate) {
+ this.qualifiedCertificate = qualifiedCertificate;
+ }
+
+ public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) {
+ this.x509CertificateEncoded = x509CertificateEncoded;
+ }
+
+
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java
index 2c177c71..0583a29e 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java
@@ -2,8 +2,9 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
-public class VerifyCMSSignatureResponse extends GenericSignatureVerificationResponse implements ICMSSignatureVerificationResponse{
+public class VerifyCMSSignatureResponse extends GenericSignatureVerificationResponse
+ implements ICMSSignatureVerificationResponse {
- private static final long serialVersionUID = 708260904158070696L;
+ private static final long serialVersionUID = 708260904158070696L;
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
index 0646bda7..003d2c46 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
@@ -3,17 +3,18 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
/**
- *
- *
+ *
+ *
* @author tlenz
*
*/
-public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResponse implements IXMLSignatureVerificationResponse {
+public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResponse
+ implements IXMLSignatureVerificationResponse {
private static final long serialVersionUID = 8386070769565711601L;
-/** The xmlDsigSubjectName to be stored */
+ /** The xmlDsigSubjectName to be stored */
private String xmlDsigSubjectName;
/** The xmlDSIGManifestCheckCode to be stored */
@@ -22,72 +23,97 @@ public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResp
private boolean xmlDSIGManigest;
/**
- * The result of the signature manifest check. The default value <code>-1</code>
- * indicates that the signature manifest has not been checked.
+ * The result of the signature manifest check. The default value <code>-1</code> indicates that
+ * the signature manifest has not been checked.
*/
private int signatureManifestCheckCode = -1;
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode()
- */
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode()
+ */
@Override
-public int getXmlDSIGManifestCheckCode() {
+ public int getXmlDSIGManifestCheckCode() {
return xmlDSIGManifestCheckCode;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName()
- */
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName()
+ */
@Override
-public String getXmlDsigSubjectName() {
+ public String getXmlDsigSubjectName() {
return xmlDsigSubjectName;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(int)
- */
-public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) {
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(
+ * int)
+ */
+ public void setXmlDSIGManifestCheckCode(final int xmlDSIGManifestCheckCode) {
this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang.String)
- */
-public void setXmlDsigSubjectName(String xmlDsigSubjectName) {
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang
+ * .String)
+ */
+ public void setXmlDsigSubjectName(final String xmlDsigSubjectName) {
this.xmlDsigSubjectName = xmlDsigSubjectName;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest()
- */
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest()
+ */
@Override
-public boolean isXmlDSIGManigest() {
+ public boolean isXmlDSIGManigest() {
return xmlDSIGManigest;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean)
- */
-public void setXmlDSIGManigest(boolean xmlDSIGManigest) {
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean)
+ */
+ public void setXmlDSIGManigest(final boolean xmlDSIGManigest) {
this.xmlDSIGManigest = xmlDSIGManigest;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode()
- */
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode()
+ */
@Override
-public int getSignatureManifestCheckCode() {
+ public int getSignatureManifestCheckCode() {
return signatureManifestCheckCode;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(int)
- */
-public void setSignatureManifestCheckCode(int signatureManifestCheckCode) {
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(
+ * int)
+ */
+ public void setSignatureManifestCheckCode(final int signatureManifestCheckCode) {
this.signatureManifestCheckCode = signatureManifestCheckCode;
}
-
+
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java
deleted file mode 100644
index e581394b..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java
+++ /dev/null
@@ -1,180 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.joda.time.DateTime;
-import org.joda.time.format.ISODateTimeFormat;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.NonNull;
-import org.w3c.dom.Element;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moaspss.util.Constants;
-import at.gv.egovernment.moaspss.util.DOMUtils;
-import at.gv.egovernment.moaspss.util.XPathUtils;
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-
-
-public class VerifyXMLSignatureResponseParser {
- private static final Logger log = LoggerFactory.getLogger(VerifyXMLSignatureResponseParser.class);
-
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching MOA Namespaces */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** Xpath prefix for reaching DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
-
- /** Xpath expression to the X509SubjectName element */
- private static final String DSIG_SUBJECT_NAME_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509SubjectName";
- /** Xpath expression to the X509Certificate element */
- private static final String DSIG_X509_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509Certificate";
- /** Xpath expression to the PublicAuthority element */
- private static final String PUBLIC_AUTHORITY_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "PublicAuthority";
- /** Xpath expression to the PublicAuthorityCode element */
- private static final String PUBLIC_AUTHORITY_CODE_XPATH =
- PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
- /** Xpath expression to the QualifiedCertificate element */
- private static final String QUALIFIED_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "QualifiedCertificate";
-
- /** Xpath expression to the SignatureCheckCode element */
- private static final String SIGNATURE_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureCheck/" + MOA + "Code";
- /** Xpath expression to the XMLDSIGManifestCheckCode element */
- private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
- /** Xpath expression to the SignatureManifestCheckCode element */
- private static final String SIGNATURE_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureManifestCheck/" + MOA + "Code";
- /** Xpath expression to the CertificateCheckCode element */
- private static final String CERTIFICATE_CHECK_CODE_XPATH =
- ROOT + MOA + "CertificateCheck/" + MOA + "Code";
-
- private static final String SIGNING_TIME_XPATH =
- ROOT + MOA + "SigningTime";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element verifyXMLSignatureResponse;
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws MOASigServiceParserException on any parsing error
- */
- public VerifyXMLSignatureResponseParser(String xmlResponse) throws MOASigServiceParserException {
- try {
- final InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response." , t);
- throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
-
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws MOASigServiceParserException on any parsing error
- */
- public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws MOASigServiceParserException {
- try {
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response." , t);
- throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
-
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as Element
- */
- public VerifyXMLSignatureResponseParser(Element xmlResponse) {
- verifyXMLSignatureResponse =xmlResponse;
-
- }
-
-/**
- * Parse MOA-Sig signatur-verification result into {@link IXMLSignatureVerificationResponse}
- *
- * @return {@link IXMLSignatureVerificationResponse}
- * @throws MOASigServiceException on any parsing error
- */
- @NonNull
- public IXMLSignatureVerificationResponse parseData() throws MOASigServiceException {
- try {
- final VerifyXMLSignatureResponse respData = new VerifyXMLSignatureResponse();
- respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
- final Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
- respData.setQualifiedCertificate(e!=null);
-
- final Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
- verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
-
- respData.setX509CertificateEncoded(new X509Certificate(in).getEncoded());
-
- final Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_XPATH);
- respData.setPublicAuthority(publicAuthority != null);
- respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
- respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
-
- final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
- if (xmlDsigCheckCode!=null) {
- respData.setXmlDSIGManigest(true);
- respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
-
- } else {
- respData.setXmlDSIGManigest(false);
-
- }
-
- final String signatureManifestCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_MANIFEST_CHECK_CODE_XPATH,null);
- if (signatureManifestCheckCode != null) {
- respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue());
-
- }
- respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
-
- final String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,"");
- if (signingTimeElement != null && !signingTimeElement.isEmpty()) {
- final DateTime datetime = ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement);
- respData.setSigningDateTime(datetime.toDate());
-
- }
-
- return respData;
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response." , t);
- throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
- }
-
- }
-
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java
new file mode 100644
index 00000000..8cf941a7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java
@@ -0,0 +1,192 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
+import org.joda.time.DateTime;
+import org.joda.time.format.ISODateTimeFormat;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.NonNull;
+import org.w3c.dom.Element;
+import iaik.utils.Base64InputStream;
+import iaik.x509.X509Certificate;
+
+
+public class VerifyXmlSignatureResponseParser {
+ private static final Logger log = LoggerFactory.getLogger(VerifyXmlSignatureResponseParser.class);
+
+ //
+ // XPath namespace prefix shortcuts
+ //
+ /** Xpath prefix for reaching MOA Namespaces. */
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ /** Xpath prefix for reaching DSIG Namespaces. */
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ /** Xpath expression to the root element. */
+ private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
+
+ /** Xpath expression to the X509SubjectName element. */
+ private static final String DSIG_SUBJECT_NAME_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509SubjectName";
+ /** Xpath expression to the X509Certificate element. */
+ private static final String DSIG_X509_CERTIFICATE_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509Certificate";
+ /** Xpath expression to the PublicAuthority element. */
+ private static final String PUBLIC_AUTHORITY_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + MOA + "PublicAuthority";
+ /** Xpath expression to the PublicAuthorityCode element. */
+ private static final String PUBLIC_AUTHORITY_CODE_XPATH =
+ PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
+ /** Xpath expression to the QualifiedCertificate element. */
+ private static final String QUALIFIED_CERTIFICATE_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + MOA + "QualifiedCertificate";
+
+ /** Xpath expression to the SignatureCheckCode element. */
+ private static final String SIGNATURE_CHECK_CODE_XPATH =
+ ROOT + MOA + "SignatureCheck/" + MOA + "Code";
+ /** Xpath expression to the XMLDSIGManifestCheckCode element. */
+ private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
+ ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
+ /** Xpath expression to the SignatureManifestCheckCode element. */
+ private static final String SIGNATURE_MANIFEST_CHECK_CODE_XPATH =
+ ROOT + MOA + "SignatureManifestCheck/" + MOA + "Code";
+ /** Xpath expression to the CertificateCheckCode element. */
+ private static final String CERTIFICATE_CHECK_CODE_XPATH =
+ ROOT + MOA + "CertificateCheck/" + MOA + "Code";
+
+ private static final String SIGNING_TIME_XPATH = ROOT + MOA + "SigningTime";
+
+
+ /** This is the root element of the XML-Document provided by the Security Layer Card. */
+ private Element verifyXmlSignatureResponse;
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the incoming String
+ * will be created
+ *
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
+ * @throws MoaSigServiceParserException on any parsing error
+ */
+ public VerifyXmlSignatureResponseParser(final String xmlResponse)
+ throws MoaSigServiceParserException {
+ try {
+ final InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
+ verifyXmlSignatureResponse = DOMUtils.parseXmlValidating(s);
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response.", t);
+ throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t);
+
+ }
+ }
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the incoming
+ * Inputstream will be created
+ *
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
+ * @throws MoaSigServiceParserException on any parsing error
+ */
+ public VerifyXmlSignatureResponseParser(final InputStream xmlResponse)
+ throws MoaSigServiceParserException {
+ try {
+ verifyXmlSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response.", t);
+ throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t);
+
+ }
+ }
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser. The incoming Element will be used for further
+ * operations
+ *
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as Element
+ */
+ public VerifyXmlSignatureResponseParser(final Element xmlResponse) {
+ verifyXmlSignatureResponse = xmlResponse;
+
+ }
+
+ /**
+ * Parse MOA-Sig signatur-verification result into {@link IXMLSignatureVerificationResponse}.
+ *
+ * @return {@link IXMLSignatureVerificationResponse}
+ * @throws MoaSigServiceException on any parsing error
+ */
+ @NonNull
+ public IXMLSignatureVerificationResponse parseData() throws MoaSigServiceException {
+ try {
+ final VerifyXMLSignatureResponse respData = new VerifyXMLSignatureResponse();
+ respData.setXmlDsigSubjectName(
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, DSIG_SUBJECT_NAME_XPATH, ""));
+ final Element e = (Element) XPathUtils.selectSingleNode(verifyXmlSignatureResponse,
+ QUALIFIED_CERTIFICATE_XPATH);
+ respData.setQualifiedCertificate(e != null);
+
+ final Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, DSIG_X509_CERTIFICATE_XPATH, "")
+ .getBytes("UTF-8")),
+ true);
+
+ respData.setX509CertificateEncoded(new X509Certificate(in).getEncoded());
+
+ final Element publicAuthority =
+ (Element) XPathUtils.selectSingleNode(verifyXmlSignatureResponse, PUBLIC_AUTHORITY_XPATH);
+ respData.setPublicAuthority(publicAuthority != null);
+ respData.setPublicAuthorityCode(
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, PUBLIC_AUTHORITY_CODE_XPATH, ""));
+ respData.setSignatureCheckCode(new Integer(
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNATURE_CHECK_CODE_XPATH, ""))
+ .intValue());
+
+ final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXmlSignatureResponse,
+ XMLDSIG_MANIFEST_CHECK_CODE_XPATH, null);
+ if (xmlDsigCheckCode != null) {
+ respData.setXmlDSIGManigest(true);
+ respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
+
+ } else {
+ respData.setXmlDSIGManigest(false);
+
+ }
+
+ final String signatureManifestCheckCode = XPathUtils
+ .getElementValue(verifyXmlSignatureResponse, SIGNATURE_MANIFEST_CHECK_CODE_XPATH, null);
+ if (signatureManifestCheckCode != null) {
+ respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue());
+
+ }
+ respData.setCertificateCheckCode(new Integer(
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, CERTIFICATE_CHECK_CODE_XPATH, ""))
+ .intValue());
+
+ final String signingTimeElement =
+ XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNING_TIME_XPATH, "");
+ if (signingTimeElement != null && !signingTimeElement.isEmpty()) {
+ final DateTime datetime =
+ ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement);
+ respData.setSigningDateTime(datetime.toDate());
+
+ }
+
+ return respData;
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response.", t);
+ throw new MoaSigServiceParserException("service.moasig.02", new Object[] {t.toString()}, t);
+ }
+
+ }
+
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
index 60b75f3c..c5e05853 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
@@ -1,25 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
- <context:annotation-config />
+ <context:annotation-config />
+
+ <bean id="moaSigInitializer"
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MoaSigInitializer" />
+
+ <bean id="moaSigVerifyService"
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService"
+ depends-on="moaSigInitializer" />
+
+ <bean id="moaSigCreateService"
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService"
+ depends-on="moaSigInitializer" />
- <bean id="moaSigInitializer"
- class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MoaSigInitializer" />
-
- <bean id="moaSigVerifyService"
- class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService"
- depends-on="moaSigInitializer" />
-
- <bean id="moaSigCreateService"
- class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService"
- depends-on="moaSigInitializer" />
-
</beans> \ No newline at end of file